.comment: Are We Asking for It? - page 3

Phantom Pictures from Out of Nowhere

October 4, 2000

By
Dennis E. Powell

Much has been made of the security of Linux,
and it's true that Linux is marginally more secure than are a number of
other operating systems, especially if the user or administrator of the
machine or network applies security updates as potential exploits are discovered
and fixed. As is sometimes pointed out, the system is usually safe--it's
only your home directory that's at risk.

Well, small comfort. I could pretty easily
replace everything on my machine except the contents of my home
directory, which is the repository of years of work. I keep a drive here
the sole purpose of which is to keep a backup of /home.

My little adventure with the XScreenSaver
module that went outside the local machine in search of images caused me
a little bit of an epiphany--the time when the obvious becomes startlingly
clear. Much of the reason that Linux is relatively invulnerable is that
nobody has gotten around to writing the software yet that will make it
vulnerable.

But it's coming.

Laziness Leads to Corruption

No, this section is not about the political
scene, a heading appropriate to that subject notwithstanding. Instead,
as more and more Windows refugees flock to Linux we're hearing more and
more demands that Linux desktops be made to do the things that caused the
users to flee Windows in the first place. This is like a news account I
read several years ago about people in New York who move to Arizona because
of their allergies--and then populate their yards with the same plants
that made them sneeze in New York. Invariably, these user requests involve
removing control from the user and giving it to the packager, because the
users are simply too damn lazy to learn Linux.

Beyond that, Linux developers are taking
it upon themselves to come up with new features that surpass those of Microsoft
products, as if some Arizona land developer were to offer homes on lots
thick with flora even more poisonous than that found elsewhere. We already
have distributors doing us the favor of starting by default all kinds of
unnecessary daemons, even in installations that are clearly for client
desktop use. (And they don't bother to document what they've done, or why,
or how to undo it.) We have projects that promise to automatically update
your system, to feed you data, to do all manner of things that you must
trust them to do properly. Their developers recognize that the next big
market for Linux will be among the incurably lazy, among people who want
something without lifting a finger to bring it about or even bothering
to understand how it works. (Hmmm. Maybe this section is about politics
after all.)

I can anticipate the email I'll get about
this. It will be peppered with the word "elitist." Let me respond in advance:
Tough.